Major security alert hits Kazaa and iMesh
Posted by UKer on 27 May 2003 - 11:45 · 13 comments & 594 views
About the Author
Full name: Unknown
Forum name: UKer
Contact: via forum PM
Submissions: Normal · Headline
Full name: Unknown
Forum name: UKer
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
(1 reply)
#1 Posted by FuhrerDarqueSyde on 27 May 2003 - 11:51
- point-to-point? its peer-to-peer f00
-
#2 Posted by Mr. Black on 27 May 2003 - 12:07
- I'm glad the guy was responsible enough not to release the 'sploit, and for good reason which he cited.
-
#3 Posted by Napalm on 27 May 2003 - 12:14
- "I don't want some little script-kiddie to close down all of the [FastTrack] network or parts of it"
Oh, I wasn't thinking that script kiddies might shut down the networks... more like the RIAA and MPAA?
-
#4 Posted by Quick Reply on 27 May 2003 - 12:34
- The RIAA and MPAA are script kiddies, and thank god that Random Nut didn't tell them, and I assume that this Also affects Kazaa-Lite, so we'll just need to keeo our eyes-peeled for a new kazaa and a subsiquent new kazaa-lite
-
#5 Posted by xmintox on 27 May 2003 - 14:40
- Random Nut is the dude that built K++
-
(4 replies)
#6 Posted by mitsugi on 27 May 2003 - 15:20
- KaZaA 2.1.1 English is released
kmd211_en.exe Full Installer
kmd.exe Web Installer -
#6.3 Posted by mitsugi on 27 May 2003 - 17:09
- Kazaa lite would not be based upon 2.1.1 unless they get rid of all the features like auto search more or they hack the new version. kazaa lite 2.1 is based on 2.0.2
-
#7 Posted by Moi on 27 May 2003 - 16:32
- Out off topic, but what happened with warp2search.com ?
-
#8 Posted by Sawyer12 on 27 May 2003 - 18:05
- Yet another problem that kazza is causing. apart from spyware.
A patch should be available in a day or so, and users of the popular software are urged to install it as soon as it’s available.
The user who identified the exploit, Random Nut, has claimed that “It's definitely a serious risk. Just ask anyone... if executing arbitrary code is a serious risk or not”. The user, whose real name remains a mystery, claims to have contacted Kazaa and Joltid two weeks ago, but due to a lack of response he has gone public. He told ZDNet that “[On] Tue 13 May I emailed a guy at Joltid, and about 2 days later I filed a bug report at www.kazaa.com. Yesterday, after reading it on Full Disclosure, someone working for Joltid contacted me. He told me that the guy I emailed had been on a long honeymoon”.
While Random Nut has explained the problem publicly, he claims not to have released any of the exploit code in the public domain. He said that “I haven't released the exploit code. I don't want some little script-kiddie to close down all of the [FastTrack] network or parts of it”.
HP may have picked a good time to announce the robot. Fear of flying after Sept. 11, 2001, has led to a rash of interest in videoconferencing. And the severe acute respiratory syndrome (SARS) outbreak has put a further crimp on already sluggish business travel.
The promise of such technology is that a remote co-worker can hear the formal part of a meeting as well as participate in the chitchat within the room. Using a joystick, the distant participant can pick up on a sound in one part of a room and join in that conversation. However, those present at a meeting should be forewarned that the microphone on the robot is sensitive; hushed conversation in a corner might not be so private.
But for all its potential, the current model is still very much a work in progress. HP still has no commercial plans for the robot, which was built using a number of Windows-based PCs. Although the robot allows people to see the face of a co-worker in near-real time,there is about a one-second delay before the remotely connected colleague can be heard. And although an earlier version of the robot was designed to travel around the office via a joystick controlled by the person, HP has made the latest version static while it tries to work out some of the kinks.
HP is not unique in pursuing robots as a replacement for travel. For example, Los Angeles-based InTouch Health sees robots as a way to allow expert doctors and health care providers to be virtually at the bedside of patients that are hundreds or thousands of miles away.
But HP's lead researcher says that the company is far ahead of other such projects.
"So far the best things that have been done--they still kind of look spooky," said HP Labs researcher Norm Jouppi.
To be fair, HP's first attempt was rather off-putting in its own right--resembling a slightly bulkier version of No. 5 from the '80s movie "Short Circuit."
Mechanical engineer Stan Thomas said that when he joined the team, he noticed that people spent more time looking at the robot's shiny metal parts than at the video screen that's displaying their co-worker. Thomas helped redesign the device to have a more human-looking (and less jarring) form--the current blue, plastic model resembles a giant Lego.
People seem to like the fact that the new model doesn't have arms, Jouppi said. Although the arms on the first version allowed the robot to perform simple tasks such as pushing an elevator button, researchers say people were put off by the fact that the robot could touch things.
"They'd seen too many movies" with robots crushing things, Jouppi said.
HP wouldn't say how much such a robot could cost--though it is certain to be more than the price of a few plane tickets. The current setup for the distant co-worker uses five PCs, five cameras and a surround-sound system, creating a virtual environment. The in-office robot is made up of two PCs, a number of cameras, four directional microphones and several speakers. A high-speed 802.11a wireless network is needed at the meeting site to transmit the information back to the remote colleague.
Jouppi wishes that his pet project was already a reality.
"I'd like to have something like this," he says. "I have to go on a business trip next week for a two-hour meeting."